METHOD OF MANAGING CONNECTIONS IN FIREWALL

摘要

FIELD: information technology.SUBSTANCE: method involves receiving packets from an external network; creating a table of connections; determining the total number of currently established connections; determining the load level of the firewall by comparing the number of established connections with a threshold; determining new and established connections based on two-way exchange of packets between a client and a server; determining connection termination based on processing ICMP messages on errors or flags in the TCP header; dynamically determining current connection timeout values based on the type of the network protocol, the connection status and load level of the firewall; changing the timestamp of processing the last packet if any packet is transmitted within a given connection or within a group of connections; terminating a connection if the timestamp of processing the last packet differs from the current time more than the timeout of said connection.EFFECT: high reliability of established connections and providing maximum throughput with a high load.1 tbl